Demo entry 6345252

tcp_sniffer

   

Submitted by Melih on Jan 30, 2017 at 15:38
Language: Python. Code size: 2.1 kB.

import socket
import struct
from ctypes import *  # for extracting the IP header information 

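class IPHeader(Structure):
    """Fixed 20-byte part of an IPv4 header, mapped onto a ctypes structure.

    The structure is filled by copying the first ``sizeof(IPHeader)`` bytes
    of ``data``. The bytes come straight off the wire and are untrusted:
    a buffer shorter than the structure makes ``from_buffer_copy`` raise
    ``ValueError``, and ``data=None`` raises ``TypeError``.

    Notes on the raw fields:
      * ``ihl``/``version`` share one byte; the declared bitfield order
        (low nibble first) matches the wire layout on little-endian hosts.
      * ``len``, ``id``, ``offset`` and ``sum`` are read in host byte
        order; on a little-endian host pass them through ``socket.ntohs``
        before interpreting them.
      * IP options (``ihl`` > 5) lie beyond this structure and are not parsed.

    Attributes set by ``__init__``:
      source_address / destination_address: dotted-quad strings.
      destionation_address: original (misspelled) name, kept for callers.
      protocol: "ICMP", "TCP" or "UDP", else the protocol number as a string.
    """

    _fields_ = [
        ("ihl",          c_ubyte, 4),
        ("version",      c_ubyte, 4),
        ("tos",          c_ubyte),
        ("len",          c_ushort),
        ("id",           c_ushort),
        ("offset",       c_ushort),
        ("ttl",          c_ubyte),
        ("protocol_num", c_ubyte),
        ("sum",          c_ushort),
        ("src",          c_uint32),
        ("dst",          c_uint32),
    ]

    def __new__(cls, data=None):
        # Copy rather than alias the caller's buffer, so the parsed header
        # does not change if the receive buffer is reused.
        return cls.from_buffer_copy(data)

    def __init__(self, data=None):
        # src/dst were read in native order, so repacking them in native
        # order restores the original network-order bytes for inet_ntoa.
        self.source_address = socket.inet_ntoa(struct.pack("@I", self.src))
        self.destionation_address = socket.inet_ntoa(struct.pack("@I", self.dst))
        # Correctly spelled alias; the misspelled name stays for compatibility.
        self.destination_address = self.destionation_address

        # Map the protocol number to a name, falling back to the number
        # itself (as a string) for anything not listed.
        self.protocols = {1: "ICMP", 6: "TCP", 17: "UDP"}
        self.protocol = self.protocols.get(
            self.protocol_num, str(self.protocol_num)
        )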

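def initTcpSocket():
    """Create and return a raw IPv4 socket that receives TCP packets.

    Creating a raw socket needs elevated privileges (root or CAP_NET_RAW
    on Linux); without them ``socket.socket`` raises an ``OSError``
    subclass. The caller owns the returned socket and must close it.

    Returns:
        A ``socket.socket`` of type SOCK_RAW / IPPROTO_TCP.
    """
    # Raw socket restricted to the TCP protocol number.
    sniffer_tcp = socket.socket(
        socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP
    )

    try:
        # 0.0.0.0 is the wildcard address: packets arriving on any local
        # interface are delivered, not only loopback traffic.
        sniffer_tcp.bind(('0.0.0.0', 0))

        # IP_HDRINCL governs the send path; on Linux received raw IPv4
        # packets carry the IP header regardless of this option.
        sniffer_tcp.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
    except Exception:
        # Do not leak the privileged descriptor if setup fails part-way.
        sniffer_tcp.close()
        raise

    return sniffer_tcp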

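def startSniffing():
    """Receive packets on the raw TCP socket and print one line per packet.

    Runs until interrupted with Ctrl-C, then closes the socket and exits
    the process with status 0. Each line shows the protocol name and the
    source and destination addresses taken from the IP header.
    """
    sniffer_tcp = initTcpSocket()

    print('sniffer is listening for incoming connections')

    try:
        while True:
            raw_buffer_tcp = sniffer_tcp.recvfrom(65535)[0]

            # The header parser needs the full 20-byte fixed header;
            # skip anything shorter instead of letting it raise.
            if len(raw_buffer_tcp) < 20:
                continue

            ip_header_tcp = IPHeader(raw_buffer_tcp[0:20])

            # The check and the print belong inside the loop so that
            # every received packet is reported.
            if ip_header_tcp.protocol == "TCP":
                print("Protocol: %s %s -> %s" % (
                    ip_header_tcp.protocol,
                    ip_header_tcp.source_address,
                    ip_header_tcp.destionation_address,
                ))

    except KeyboardInterrupt:
        print("Exiting Program ... ")
        # Same effect as exit(0), without relying on the site-provided helper.
        raise SystemExit(0)
    finally:
        # Release the raw socket on every exit path.
        sniffer_tcp.close()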

def main():
    """Script entry point: hand control to the capture loop."""
    startSniffing()

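# Run the sniffer only when executed as a script, not when imported.
if __name__ == "__main__":
    main()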
